When write operations only are performed with a proxy authorization
control, the client identity is not forwarded to the LDAP server for read
requests. For more information about forwarding requests without the client
identity, see Forwarding Requests Without the Client Identity.

Configure the data source with the bind credentials of Directory Proxy Server.

Directory Proxy Server verifies that the client DN has the relevant ACIs
for proxy authorization by using the getEffectiveRights command.
The result is cached in Directory Proxy Server and renewed when the proxied-auth-check-timeout expires.

If necessary, restart the instance of Directory Proxy Server for the
changes to take effect.